Acunetix Premium Archives | Page 5 of 22 | Acunetix (2023)

v14.1.210329187 - 30 Mar 2021

Copy LinkCopy Link

Version 14 build 14.1.210329187 for Windows, Linux and macOS – 30th March 2021


  • Fixed issue causing proxy authentication failures
  • Fixed scanner crash
  • Fixed indentation in Comprehensive report

v14.1.210324124 - 25 Mar 2021

Copy LinkCopy Link

Version 14 build 14.1.210324124 for Windows, Linux and macOS – 25th March 2021

(Video) Acunetix Premium Demo


  • Updated scanner so that “Restrict scans to import files” is taken into consideration for paths coming from Target knoweldgebase


  • Fixed a scanner crash
  • Fixed issue in Swagger 3 import feature

v14.1.210316110 - 17 Mar 2021

Copy LinkCopy Link

Version 14 build 14.1.210316110 for Windows, Linux and macOS – 17th March 2021

New Features

  • Web Asset Discovery, allowing users to discover domains related to their organisation or web assets already configured in Acunetix
  • New page showing all the Target FQDNs consuming a target license

New Vulnerability Checks


  • Acunetix updated to fully support NTLM Authentication for proxy authentication
  • Multiple LSR/BLR and DeepScan updates and fixes
  • Updated Chromium to v88.0.4298.0
  • Updated Postgres database to v13.2
  • Engines page has been updated to show the following:
    • Status (online or otherwise) for each Engine
    • The build number for each Engine
    • Any license issues are reported as part of the status for each Engine
  • Multi-Engine setups will start to automatically update the Engine only installations when the Main installation is updated
  • The UI will reload after Acunetix is upgraded
  • ‘WAF Export’ button renamed to ‘Export to’, and feature added to the Scans Page
  • Multiple updates to the Comprehensive report
  • Proxy Settings can now be specified for each Issue Tracker
  • Updated JavaScript Library Audit check to cover libraries not hosted on the scanned target
  • Users can now be created from the API
  • Updated CORS check


  • Fixed bug in “Vulnerabilities in SharePoint could allow elevation of privilege” check
  • Fixed issue causing check for updates to occasionally fail on MacOS
  • Fixed issue causing DOM XSS sink to not always be show the in the code extract displayed in the alert
  • Fixed issue caused when a custom collection is used in a TFS issue tracker configuration
  • Fixed issue in WordPress XML-RPC pingback abuse check
  • Fixed Deepscan crash
  • Fixed False Positive in Broken Link Hijacking check
  • Vulnerability CSV export now includes URL where vulnerability was detected

v13.0.210226118 - 26 Feb 2021

Copy LinkCopy Link

Version 13 build 13.0.210226118 for Windows, Linux and macOS – 26th February 2021


  • Fix Backend issue related to AcuSensor

v13.0.210129162 - 02 Feb 2021

Copy LinkCopy Link

(Video) Crawling for Partial Scans Using Acunetix Web Vulnerability Scanner v10.5

Version 13 build 13.0.210129162 for Windows, Linux and macOS – 2nd February 2021

New Features

  • New AcuSensor for Node.js
  • New Target Knowledgebase records scan data which is used to improve future scans
  • New FQDN and Target filter in Grouped Vulnerabilities page
  • New FQDN column in Targets page

New Vulnerability Checks


  • Simplified User Profile page
  • Improved handing of HTML comments
  • Improved processing of sites using dynamic links
  • Improved parsing of JavaScript for new paths
  • Form input type is taken into consideration when processing forms
  • Scanner now supports NTLM Authentication for proxy authentication
  • multiple DeepScan updates
  • Comprehensive report updated to use time zone configured for Acunetix user
  • Added setting in settings.xml to choose which SSL cipher to be used by the scanner
  • Integrated LSR logs are now stored for troubleshooting purposes
  • Notify user when client certificate is required but not configured for Target
  • Improvements in MAC installation
  • PHP AcuSensor will start including Stack Trace
  • Multiple LSR / BLR updates


  • Filter items sorted alphabetically
  • Fixed minor UI glitch in multi-engine registration page
  • Multiple fixes in SlowLoris detection
  • Fixed scanner crashes
  • Fixed CSV injection in Target Export
  • Fixed UI issues in Target Groups page
  • Fixed formatting for issues pushed to Jira
  • Fixed issue when installing on Centos8

v13.0.201217092 - 17 Dec 2020

Copy LinkCopy Link

Version 13 build 13.0.201217092 for Windows, Linux and macOS - 17th December 2020

New Features

  • Big improvement in handling of CSRF tokens
  • Added support for ShadowRoot
  • Added support for MacOS Big Sur

New Vulnerability Checks


  • Updated the UI for the multi-engine system
  • Multiple updates to the PHP AcuSensor
  • Multiple updates to the Login Sequence Recorder
  • Scanning engine updated to support using proxy server with NTLM Authentication


  • Fixed issue causing the browser to fail to launch on Kali
  • Fixed issue causing AcuSensor not found message to not be displayed
  • Fixed false positive in Zend Framework LFI via XXE
  • Fixed false positive in Directory Traversal
  • Fixed false positive in Cookie(s) with missing, inconsistent, or contradictory properties
  • Fixed false positive in Apache Struts2 Remote Command Execution (S2-052)
  • Fixed issue in highlighting of vulnerability in response
  • Fixed issue with Slow Loris
  • Fixed issue in WADL importer
  • Fixed crash in scanner
  • Fixed minor issues in Comprehensive Report
  • Fixed issue causing Acunetix to lose license information

v13.0.201126145 - 27 Nov 2020

Copy LinkCopy Link

(Video) Acunetix demo

Version 13 build 13.0.201126145 for Windows / Linux and 13.0.201126157 for macOS - 27th November 2020

New Features

  • New user role: Platform Admin, provides full access to Acunetix


  • Network Settings can now be confirmed using the new Check Settings button
  • Management of Targets by Tech Admin role can now be selectively turned off


  • Fixed issue causing inability to access last continuous failed scan
  • Fixed UI issues causing inability to add targets to target group when target list is filtered
  • Acunetix is now correctly reporting progress for Network Scans
  • UI updated to hide specific options for the different Acunetix user roles

v13.0.201112128 - 12 Nov 2020

Copy LinkCopy Link

Version 13 (build 13.0.201112128 for Windows / Linux / macOS) 12 November 2020


  • Updated Telerik vulnerability checks
  • The Tech Admin user role can now create new Targets
  • Renamed acu_phpaspect.php to acusensor.php
  • Updated Comprehensive report to indicate Verified vulnerabilities
  • Logon Banner now supports multi-line banners


  • Fixed issue in SlowLoris vulnerability check
  • Fixed issue LSR hang caused when closing the LSR immediately after opening it
  • Fixed scan hanging issue
  • Fixed a couple of issues in the CSV export
  • Fixed issue causing incorrect threat level in Comprehensive report
  • Fixed false positives in Outdated JS libraries and Insecure Referrer Policy checks
  • Fixed UI issue with long target name causing buttons to be hidden
  • Fixed issue causing double input schemes
  • Fixed crash in scanner
  • Fixed issue causing vulnerability count in Dashboard to not always be updated


(Video) Acunetix WVS 9 5 Deep Dive Webinar


Does Acunetix detect Trojan? ›

Malicious Script Detection

Acunetix downloads such files and scans them for malware such as trojans, backdoors, spyware, and more. Malware is detected using renowned malware scanning engines. In the case of Microsoft Windows, Acunetix uses the built-in Microsoft Defender.

Will an alert marked as false positive show up on reports generated Acunetix? ›

False Positive - There are situations where a vulnerability is incorrectly detected by Acunetix. The vulnerability will not be reported again in future scans. Ignored - This status can be used for vulnerabilities which are not False Positives, but which for some reason should be ignored in future scans.

What is the difference between Acunetix and Netsparker? ›

The enterprise-focused Netsparker Enterprise uses the Netsparker web application security engine developed especially for enterprise needs. The SMB/SME-focused Acunetix Premium uses the Acunetix vulnerability scanning technology developed for smaller business needs.

Is Acunetix scanner free? ›

Acunetix Manual Tools are free for private and commercial use but they are not an open-source project. Currently, they are only available for the Microsoft Windows operating system.

Can a Trojan be undetectable? ›

Malware can take many forms, including viruses, worms, trojan horses, ransomware, and spyware. Can malware be undetected? Yes, malware can hide itself and antivirus and other protection programs may not catch it.

What will happen if Trojan is detected? ›

Trojans can infect your computer and cause enormous problems before you even know what happened. Once a trojan gets onto your system, it can monitor your keyboard, install additional malware and cause a variety of other problems you simply don't want to face.

Which is worse false positive or false negative IT security? ›

A false positive is a false alarm. A false negative state is the most serious and dangerous state. This is when the IDS identifies an activity as acceptable when the activity is actually an attack. That is, a false negative is when the IDS fails to catch an attack.

Is a false positive virus safe? ›

False positives (false alarms) are harmless files or URLs that are incorrectly identified as malicious by the antivirus program. Software programs that behave like malware or use identical file compression and protection techniques are susceptible to false alarms.

What is a false positive virus? ›

A false positive is another way of saying mistake. As applied to the field of anti-malware programs, a false positive occurs when the program mistakenly flags an innocent file as being infected. This may seem harmless enough, but false positives can be a real nuisance.

What is best network vulnerability scanner? ›

Comparing the Best Vulnerability Scanning Tools
NameBest For
Invicti (formerly Netsparker)Automated Web Security Scanning
AcunetixIntuitive Web Application Security Scanner
IntruderContinuous vulnerability scanning and attack surface reduction.
Astra SecurityWeb Application Vulnerability Scanner & Pentest
5 more rows
Feb 14, 2023

How much does Acunetix cost? ›

Pricing Information
UnitsDescription12 MONTHS
Acunetix Online PremiumFQDN = website, web application, API, or web services$7,000
Acunetix MSSP LicenseAcunetix Managed Security Service Provider License$15,960
Invicti Ent On DemandFQDN = website, web application, API, or web services$37,000
3 more rows

What is the best open-source vulnerability scanner? ›

In this article, we take a look at popular open-source network vulnerability scanning tools.
  1. OpenVAS ( ...
  2. OpenSCAP ( ...
  3. Nmap ( ...
  4. Wireshark ( ...
  5. Metasploit (
Mar 6, 2023

What scanner app is completely free? ›

Adobe Scan is free to download and turns your mobile device into a powerful scanner that recognizes text automatically (OCR) and allows you to create, save, and organize your paper documents as a digital file.

Is there a truly free scanner app? ›

CamScanner (Android(Opens in a new tab) and iOS(Opens in a new tab)) This free app allows you to scan, merge, and access cloud storage — like iCloud or Google Drive.

Can a Trojan infect WiFi? ›

Trojan Attacks

A trojan attack tricks you into downloading malware hiding a virus that then tramples all over your phone, tablet, or computer. A router virus can ride inside a trojan, waiting to sniff out vulnerable public or home Wi-Fi networks to infect.

Can a Trojan infect a phone? ›

Yes. Just like computers, smartphones can get infected with malware. It can enter the system through infected apps, email attachments, and suspicious links.

Can Trojan virus be removed by factory reset? ›

Running a factory reset on a computer is an effective way to clear out a persistent virus or other malware you can't otherwise remove.

Should I be worried about Trojan? ›

Trojan viruses are bad because they trick users into downloading malware that harms devices in various ways. As an example, remote access Trojans (RATs) give hackers remote access to infected computers, which can result in spying, data theft, and identity theft.

Does Trojan always mean virus? ›

Trojans are not viruses, but they are a type of malware. People sometimes refer to “Trojan viruses” or “Trojan horse viruses,” but there's no such thing. That's due to one critical difference in how viruses and Trojans infect victims.

Can Trojan virus be harmless? ›

A Trojan horse (or Trojan) is one of the most common and dangerous types of threats that can infect your computer or mobile device. Trojans are usually disguised as benign or useful software that you download from the Internet, but they actually carry malicious code designed to do harm—thus their name.

What is a false positive in surveillance? ›

False positives are mislabeled security alerts, indicating there is a threat when in actuality, there isn't. These false/non-malicious alerts (SIEM events) increase noise for already over-worked security teams and can include software bugs, poorly written software, or unrecognized network traffic.

What is more serious false positive or negative? ›

Since false-negative results pose greater risks, most testing applications are set up to minimise the occurrence of false-negative results. This means that false-positive results are more likely to occur and are therefore more often found as a topic of discussion.

Are false positives for Covid common? ›

Public Health England reports that RT-PCR assays show a specificity of over 95%, meaning that up to 5% of cases are false positives.

Can VirusTotal be wrong? ›

VirusTotal simply aggregates the output of different antivirus vendors and URL scanners, it does not produce any verdicts of its own. As such, if you are experiencing a false positive issue, you should notify the problem to the company producing the erroneous detection, they are the only ones that can fix the issue.

Can a Trojan be a false positive? ›

In some cases after an update, a scan may falsely detect a previously undetected legitimate file as malicious and it is recommended to get a second opinion before taking action.

How many times can you get a false positive Covid test? ›

If you get a positive result but have no symptoms and no known exposure, take another test—ideally with another brand. Experts say that the likelihood of getting two false positives is so low that if one test comes back negative, you can trust it. If you test positive twice, then you likely have COVID-19.

Can viruses hide from scans? ›

Any virus that tries to avoid detection by antivirus software is considered a stealth virus. A stealth virus has an intelligent architecture, making it difficult to eliminate it completely from a computer system.

Does .exe mean a virus? ›

An .exe file can be a virus, but that is certainly not true for all of them. In fact, the majority are safe to use or even necessary for your Windows system to run. It all depends on what is in an .exe file. Basically .exe files are programs that have been translated into machine code (compiled).

How do you tell if a file is a false positive? ›

Cross-check using VirusTotal.

It benefits antivirus developers by helping them gather data about malware that's still out there. If your flagged malware isn't flagged by VirusTotal, it's probably a false positive.

Do hackers use vulnerability scanners? ›

Often, attackers use the same vulnerability scanning tools that organizations are required to use to discover network vulnerabilities. To keep ahead of attackers, you need to keep up to date on emerging vulnerabilities by regularly running internal and external vulnerability scans.

Why would a hacker use a vulnerability scan? ›

Criminal hackers use automated tools to identify and exploit known vulnerabilities and access unsecured systems, networks or data. Exploiting vulnerabilities with automated tools is simple: attacks are cheap, easy to run and indiscriminate, so every Internet-facing organisation is at risk.

Which scan is most commonly used by attacker? ›

Port scanning is one of the most popular techniques attackers use to discover services they can exploit to break into your computer system, according to the SANS Institute. It's important to note that port scanning is not solely used for nefarious purposes.

What is Acunetix premium? ›

Acunetix Premium is a web application security solution for managing the security of multiple websites, web applications, and APIs. Integration features allow you to automate your DevOps and issue management infrastructures.

Why does Acunetix scan fail? ›

When Acunetix 360 is not able to access the website, the problem may arise from a temporary internet connection failure. The machine Acunetix 360 installed or the target server might be affected by these connection corruptions. If the target server has issues related to server performance, it might respond very slowly.

What is the latest version of Acunetix? ›

4.3 03 Mar 2023. This Acunetix release includes a new security check for the Fortinet RCE flaw (CVE-2022-39952).

Is vulnerability scanning illegal? ›

However – while not explicitly illegal – port and vulnerability scanning without permission can get you into trouble: Civil lawsuits – The owner of a scanned system can sue the person who performed the scan. Even if unsuccessful, the case can waste time and resources on legal costs.

What software has the most vulnerabilities? ›

Top 10 Most Exploited Security Vulnerabilities In 2022 (And How To Fix Them)
  • Microsoft Office Bug (CVE-2017-11882)
  • ProxyNotShell (CVE-2022-41082, CVE-2022-41040)
  • Zimbra Collaboration Suite Bugs (CVE-2022-27925, CVE-2022-41352)
  • Atlassian Confluence RCE Flaw (CVE-2022-26134)
  • Zyxel RCE Vulnerability (CVE-2022-30525)
Dec 16, 2022

Is Adobe Scan free vs premium? ›

Adobe Scan is a free, stand-alone app. However, with a subscription to Acrobat Pro, you can combine your scans with other documents into a single PDF file that can be edited from desktop, mobile, or web. Images and text from your scanned PDFs also become fully editable on desktop.

Does Google have a free scanner? ›

Open your Android phone or tablet's widgets. Find the "Drive scan" widget. Touch and hold the widget. Drag it onto your Home screen.

Does iPhone have a free scanner? ›

You can use the Notes app to scan documents and add signatures on your iPhone or iPad.

What is the easiest scanner app to use? ›

The Best Mobile Scanning Apps
  • Our pick. Adobe Scan. The best scanning app. ...
  • Upgrade pick. SwiftScan. Pricey but powerful. ...
  • Also great. Microsoft Office Lens. Best for Microsoft Office users. ...
  • Also great. Apple Notes. Best free, basic scanning app for iOS users.
May 27, 2022

Which is the best app to read all the documents? ›

WPS Office

The WPS app is ideal to read PDF books on Android as it helps you read, edit, and create both PDF and Word documents, presentations, and spreadsheets. Besides, you can also read, edit and convert PDF files.

What is the fastest way to scan documents? ›

When it comes to scanning and managing large volumes of documents, a flat-bed scanner won't do the job quickly. If all of the documents you need to scan are on standard-size paper, your best bet is to purchase a sheet-fed scanner, also called an automatic document feeder.

What is the best free bar code scanner app? ›

Kaspersky QR Scanner is one of the best free third-party scanning apps for iOS and Android.

Which is the best PDF scanner app? ›

Best Android PDF Scanner Apps
  1. CamScanner - Phone PDF Creator. CamScanner is a document scanning and sharing app. ...
  2. Handy Scanner Free PDF Creator. ...
  3. Droid Scan Pro PDF. ...
  4. Quick PDF Scanner FREE. ...
  5. Genius Scan - PDF Scanner. ...
  6. Tiny Scan: PDF Document Scanner. ...
  7. PDF Scanner FREE + OCR Plugin. ...
  8. My Scans, PDF Document Scanner.

Do app police scanners work? ›

There are many police scanner apps available for your phone. They do not turn your cellphone into a radio. They do access internet streams uploaded by owners of home police scanners. So yes, you can listen to real live police radio chatter on your phone while in your car.

What vulnerabilities does Acunetix scan for? ›

Vulnerability Categories
  • Abuse Of Functionality.
  • Acumonitor.
  • Arbitrary File Creation.
  • Authentication Bypass.
  • Bruteforce Possible.
  • Buffer Overflow.
  • CSRF.
  • CSTI.

Which antivirus can detect Trojan? ›

Scan your PC using McAfee

It offers real-time protection from all types of malicious software threats, including viruses, rootkits, spyware, adware, ransomware, backdoors, and, last but not least, Trojans.

What does Acunetix scan for? ›

Acunetix is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting and other exploitable vulnerabilities.

Which of the following vulnerabilities can be detected by Acunetix AcuMonitor? ›

An Acunetix scan makes use of AcuMonitor to detect certain vulnerabilities such as Blind XSS, Email Header Injection, and certain types of SSRF, XXE and Host Header Attacks.

Are vulnerability scans illegal? ›

Yes, depending on the country; in the United States, website scanning without permission from the owner of the website; is ILLEGAL and a Federal crime punishable by up to 5 or more years.

Can Trojan virus be removed? ›

Can Trojan viruses be removed? Trojan viruses can be removed in various ways. If you know which software contains the malware, you can simply uninstall it. However, the most effective way to remove all traces of a Trojan virus is to install antivirus software capable of detecting and removing Trojans.

Can my phone get a Trojan virus? ›

No, Android phones can't get viruses that self-replicate. But Android devices are vulnerable to other types of malware that can cause even more chaos on your phone. From malicious adware to spying apps and even Android ransomware, Android threats are widespread.

What do vulnerability scanners look for? ›

A vulnerability scanner is an automated vulnerability testing tool that monitors for misconfigurations or coding flaws that pose cybersecurity threats. Vulnerability scanners either rely on a database of known vulnerabilities or probe for common flaw types to discover unknown vulnerabilities.

What can vulnerability scan detect? ›

A vulnerability scanner or assessment can find these web security weaknesses that can be seen as the available entry vulnerability points that unauthorized users use to infiltrate system applications, and exploit them by viewing traffic in and out of the network applications.

Is acunetix SAST or DAST? ›

Acunetix is a DAST/IAST tool.

What will a non credentialed vulnerability scan show? ›

Non-credentialed scans enumerate a host's exposed ports, protocols, and services and identifies vulnerabilities and misconfigurations that could allow an attacker to compromise your network. Ideal for large-scale assessments in traditional enterprise environments.

Which of the following are the types of vulnerabilities that hackers look out for? ›

Below are some of the most common types of cybersecurity vulnerabilities:
  • System Misconfigurations. ...
  • Out-of-date or Unpatched Software. ...
  • Missing or Weak Authorization Credentials. ...
  • Malicious Insider Threats. ...
  • Missing or Poor Data Encryption. ...
  • Zero-day Vulnerabilities. ...
  • Vulnerability Detection. ...
  • Cyber Security Vulnerability Assessment.


1. Acunetix: Introducing AcuMonitor Technology
(LOGON Software Asia)
2. Acunetix: Configuring Scanning Options
(LOGON Software Asia)
3. Acunetix: Acusensor IAST
(LOGON Software Asia)
4. Bypass Acunetix Login Page
5. Acunetix Deep-dive
6. How to Perform Security Testing Using Acunetix Web Vulnerability Scanner Tool
(Software Testing Help)
Top Articles
Latest Posts
Article information

Author: Moshe Kshlerin

Last Updated: 04/28/2023

Views: 5876

Rating: 4.7 / 5 (77 voted)

Reviews: 92% of readers found this page helpful

Author information

Name: Moshe Kshlerin

Birthday: 1994-01-25

Address: Suite 609 315 Lupita Unions, Ronnieburgh, MI 62697

Phone: +2424755286529

Job: District Education Designer

Hobby: Yoga, Gunsmithing, Singing, 3D printing, Nordic skating, Soapmaking, Juggling

Introduction: My name is Moshe Kshlerin, I am a gleaming, attractive, outstanding, pleasant, delightful, outstanding, famous person who loves writing and wants to share my knowledge and understanding with you.